Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/H4AOQ_9rDMaAPWR6BsCpG1osG28.roa
File: H4AOQ_9rDMaAPWR6BsCpG1osG28.roa (raw, json)
Hash identifier: k3sCIgT9KzYVNHBfPE7SKe4qhc/sjoUP9OEoEIjIOk0=
Subject key identifier: 1F:80:0E:43:FF:6B:0C:C6:80:3D:64:7A:06:C0:A9:1B:5A:2C:1B:6F
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B736D05FCD7BF9FDC151B07D7A90BE
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/H4AOQ_9rDMaAPWR6BsCpG1osG28.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 37173
IP address blocks: 193.251.153.0/24 maxlen: 24
193.251.218.0/23 maxlen: 24
193.251.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 19:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:36:d0:5f:cd:7b:f9:fd:c1:51:b0:7d:7a:90:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f800e43ff6b0cc6803d647a06c0a91b5a2c1b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6d:eb:f4:16:62:fd:45:61:d4:76:75:46:03:
f5:a4:68:1f:fe:4a:44:f9:7c:b0:3d:70:4d:67:e2:
5f:e1:b4:e8:40:d8:59:22:75:17:11:19:70:53:d7:
17:50:dc:b3:16:9b:94:bc:71:34:76:f3:19:29:b5:
4d:1c:69:a2:dc:a4:64:1a:4f:bb:8e:5a:4f:50:47:
e5:bc:eb:96:fd:2c:00:da:5c:4c:5c:48:d4:30:7a:
e9:c3:fb:d9:2b:ca:03:dc:6a:eb:68:d2:5a:b4:fd:
7f:6a:d2:f0:d3:09:dc:46:ad:24:09:47:f0:bd:c5:
5f:4c:a2:99:bb:a7:ad:ff:35:b9:bd:59:b8:2e:82:
0f:6b:7c:3a:50:31:70:a3:b2:03:42:aa:a0:9a:d0:
b0:ae:8f:de:6d:bb:fe:22:57:d5:4d:50:2f:83:20:
ab:57:e8:f9:27:15:bd:13:23:3b:d9:ff:65:92:51:
79:a1:42:d6:40:d6:e1:62:d2:85:58:93:a8:e7:88:
69:74:4a:a0:5e:5d:97:7b:7a:43:96:6d:04:2e:b3:
16:18:44:fe:fc:05:77:38:e2:20:fd:35:2d:3e:8c:
2d:db:40:b1:14:a0:c5:3f:94:9d:a1:11:b8:a6:f7:
e0:e1:af:53:4a:ec:69:23:f4:6c:de:84:64:3f:1c:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:80:0E:43:FF:6B:0C:C6:80:3D:64:7A:06:C0:A9:1B:5A:2C:1B:6F
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/H4AOQ_9rDMaAPWR6BsCpG1osG28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.251.153.0/24
193.251.218.0/23
193.251.222.0/23
Signature Algorithm: sha256WithRSAEncryption
98:b7:22:99:ca:de:b8:02:e2:c6:4b:cb:6e:dd:3d:4d:32:9c:
de:5b:12:14:4b:0b:aa:4b:e0:c0:b1:fe:5f:ce:fd:8d:01:4b:
36:72:6a:f4:db:56:b8:9b:22:52:f3:c0:23:d3:40:a2:24:44:
36:af:48:c2:9b:41:4f:88:7a:45:ae:a8:9e:40:a3:e6:22:b7:
bd:72:d5:9f:60:6d:58:49:8a:bb:91:49:fc:6e:73:a3:42:a9:
4e:e5:3c:45:13:1a:97:2b:84:b8:c8:67:2d:3c:82:0c:9a:ba:
dd:bd:5d:95:a4:c5:27:ce:cd:20:3e:31:3a:7e:ab:08:be:94:
c9:02:d3:fe:92:12:74:b0:c0:e1:1b:2e:c1:54:b2:dd:69:b7:
2d:7e:4a:99:e1:82:29:8e:a2:fe:09:63:cc:ce:86:5e:3a:ea:
7e:42:ac:44:bc:38:67:01:a1:9d:54:86:ca:ac:70:ab:fd:16:
43:23:14:20:cc:f5:61:c4:d3:72:0f:31:ed:c4:b3:25:36:08:
00:a8:ef:d7:70:8d:6a:50:d9:9f:b5:d5:1e:9a:51:17:8f:9a:
d6:6b:17:93:1e:90:ae:84:b8:9b:9d:10:c9:cf:63:bb:99:d7:
61:71:ae:8e:46:8f:91:1b:c4:db:35:de:d2:56:6b:8f:81:13:
20:72:37:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtzbQX817+f3BUbB9epC+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjgwMGU0M2ZmNmIwY2M2ODAzZDY0N2EwNmMwYTkxYjVhMmMxYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm3r9BZi/UVh1HZ1RgP1pGgf/kpE
+XywPXBNZ+Jf4bToQNhZInUXERlwU9cXUNyzFpuUvHE0dvMZKbVNHGmi3KRkGk+7
jlpPUEflvOuW/SwA2lxMXEjUMHrpw/vZK8oD3GrraNJatP1/atLw0wncRq0kCUfw
vcVfTKKZu6et/zW5vVm4LoIPa3w6UDFwo7IDQqqgmtCwro/ebbv+IlfVTVAvgyCr
V+j5JxW9EyM72f9lklF5oULWQNbhYtKFWJOo54hpdEqgXl2Xe3pDlm0ELrMWGET+
/AV3OOIg/TUtPowt20CxFKDFP5SdoRG4pvfg4a9TSuxpI/Rs3oRkPxwlTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB+ADkP/awzGgD1kegbAqRtaLBtvMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvSDRBT1FfOXJETWFBUFdSNkJzQ3BHMW9zRzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwfuZAwQB
wfvaAwQBwfveMA0GCSqGSIb3DQEBCwUAA4IBAQCYtyKZyt64AuLGS8tu3T1NMpze
WxIUSwuqS+DAsf5fzv2NAUs2cmr021a4myJS88Aj00CiJEQ2r0jCm0FPiHpFrqie
QKPmIre9ctWfYG1YSYq7kUn8bnOjQqlO5TxFExqXK4S4yGctPIIMmrrdvV2VpMUn
zs0gPjE6fqsIvpTJAtP+khJ0sMDhGy7BVLLdabctfkqZ4YIpjqL+CWPMzoZeOup+
QqxEvDhnAaGdVIbKrHCr/RZDIxQgzPVhxNNyDzHtxLMlNggAqO/XcI1qUNmftdUe
mlEXj5rWaxeTHpCuhLibnRDJz2O7mddhca6ORo+RG8TbNd7SVmuPgRMgcjca
-----END CERTIFICATE-----
Generated at Mon May 20 01:00:42 2024 by rpki-client on console-fra.rpki-client.org